5c22554577
Merge remote-tracking branch 'exploitdb/main'
2025-06-11 00:01:54 +00:00
Exploit-DB
2edde6c159
DB: 2025-06-10
...
5 changes to exploits/shellcodes/ghdb
TightVNC 2.8.83 - Control Pipe Manipulation
Laravel Pulse 1.3.1 - Arbitrary Code Injection
Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
ProSSHD 1.2 20090726 - Denial of Service (DoS)
2025-06-10 00:16:32 +00:00
bf635dcdf2
Merge remote-tracking branch 'exploitdb/main'
2025-06-06 00:55:43 +00:00
Exploit-DB
2825165fed
DB: 2025-06-06
...
7 changes to exploits/shellcodes/ghdb
macOS LaunchDaemon iOS 17.2 - Privilege Escalation
ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
Apache Tomcat 10.1.39 - Denial of Service (DoS)
Grandstream GSD3710 1.0.11.13 - Stack Overflow
CloudClassroom PHP Project 1.0 - SQL Injection
Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
2025-06-06 00:16:28 +00:00
Exploit-DB
c3b152279e
DB: 2025-05-30
...
7 changes to exploits/shellcodes/ghdb
Automic Agent 24.3.0 HF4 - Privilege Escalation
Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Campcodes Online Hospital Management System 1.0 - SQL Injection
WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure
2025-05-30 00:16:26 +00:00
Exploit-DB
d69eaacef8
DB: 2025-05-26
...
8 changes to exploits/shellcodes/ghdb
Java-springboot-codebase 1.1 - Arbitrary File Read
ABB Cylon Aspect Studio 3.08.03 - Binary Planting
ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation
Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow
WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass
Microsoft Windows Server 2016 - Win32k Elevation of Privilege
Windows 2024.15 - Unauthenticated Desktop Screenshot Capture
2025-05-26 00:16:29 +00:00
Exploit-DB
6d030b37a6
DB: 2025-05-22
...
6 changes to exploits/shellcodes/ghdb
Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)
Linux/x86 - Reverse TCP Shellcode (95 bytes)
Linux/x86-64 - execve(_/bin/sh_) Shellcode (36 bytes)
Windows 11 x64 - Reverse TCP Shellcode (564 bytes)
2025-05-22 00:16:30 +00:00
Exploit-DB
8bc45b368a
DB: 2025-05-19
...
4 changes to exploits/shellcodes/ghdb
Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
CrushFTP 11.3.1 - Authentication Bypass
Invision Community 5.0.6 - Remote Code Execution (RCE)
2025-05-19 00:16:30 +00:00
Exploit-DB
e49e8d0522
DB: 2025-05-14
...
5 changes to exploits/shellcodes/ghdb
RDPGuard 9.9.9 - Privilege Escalation
TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
2025-05-14 00:16:22 +00:00
e5c82353b4
Merge remote-tracking branch 'exploitdb/main'
2025-05-12 00:04:05 +00:00
Exploit-DB
9044a602bb
DB: 2025-05-10
...
6 changes to exploits/shellcodes/ghdb
Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
WordPress Depicter Plugin 3.6.1 - SQL Injection
Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
VirtualBox 7.0.16 - Privilege Escalation
2025-05-10 00:16:28 +00:00
64c800d1a7
Merge remote-tracking branch 'exploitdb/main'
2025-05-08 00:03:03 +00:00
Exploit-DB
3cc98cadb3
DB: 2025-05-07
...
4 changes to exploits/shellcodes/ghdb
Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
2025-05-07 00:16:29 +00:00
23961d7132
Merge remote-tracking branch 'exploitdb/main'
2025-05-03 00:02:49 +00:00
Exploit-DB
5544e2e039
DB: 2025-05-02
...
5 changes to exploits/shellcodes/ghdb
Daikin Security Gateway 14 - Remote Password Reset
ZTE ZXV10 H201L - RCE via authentication bypass
Microsoft - NTLM Hash Disclosure Spoofing (library-ms)
Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
2025-05-02 00:16:30 +00:00
00de2ea641
Merge remote-tracking branch 'exploitdb/main'
2025-05-02 00:03:05 +00:00
Exploit-DB
cc6d742d61
DB: 2025-05-01
...
2 changes to exploits/shellcodes/ghdb
unzip-stream 0.3.1 - Arbitrary File Write
2025-05-01 00:16:35 +00:00
9d239ad420
Merge remote-tracking branch 'exploitdb/main'
2025-04-30 00:02:59 +00:00
g0t mi1k
e947b3fe8d
Merge branch 'xXxsomebodyoncetoldmexXx-main-patch-73439' into 'main'
...
Fixing "fatal: couldn't find remote ref master" error for new installer.
See merge request exploit-database/exploitdb!1
2025-04-29 09:07:39 +00:00
0f05972f2e
Merge remote-tracking branch 'exploitdb/main'
2025-04-24 00:02:55 +00:00
Exploit-DB
6cef641858
DB: 2025-04-23
...
9 changes to exploits/shellcodes/ghdb
tar-fs 3.0.0 - Arbitrary File Write/Overwrite
OpenSSH server (sshd) 9.8p1 - Race Condition
Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
WonderCMS 3.4.2 - Remote Code Execution (RCE)
WordPress Core 6.2 - Directory Traversal
Microsoft Windows 11 - Kernel Privilege Escalation
Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
2025-04-23 00:16:28 +00:00
34638e2ae8
Merge remote-tracking branch 'exploitdb/main'
2025-04-21 00:02:44 +00:00
Exploit-DB
71bfc9b6c5
DB: 2025-04-20
...
3 changes to exploits/shellcodes/ghdb
FoxCMS 1.2.5 - Remote Code Execution (RCE)
Drupal 11.x-dev - Full Path Disclosure
2025-04-20 00:16:27 +00:00
2d562cdb73
Merge remote-tracking branch 'exploitdb/main'
2025-04-20 00:02:46 +00:00
Exploit-DB
8ce497b2c8
DB: 2025-04-19
...
8 changes to exploits/shellcodes/ghdb
Langflow 1.3.0 - Remote Code Execution (RCE)
Apache Commons Text 1.10.0 - Remote Code Execution
Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
UJCMS 9.6.3 - User Enumeration via IDOR
Inventio Lite 4 - SQL Injection
KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
Tatsu 3.3.11 - Unauthenticated RCE
2025-04-19 00:16:29 +00:00
92a06134fe
Merge remote-tracking branch 'exploitdb/main'
2025-04-19 00:02:25 +00:00
Exploit-DB
9ddf81331a
DB: 2025-04-18
...
10 changes to exploits/shellcodes/ghdb
TP-Link VN020 F3v(T) TT_V6.2.1021 - Buffer Overflow Memory Corruption
TP-Link VN020 F3v(T) TT_V6.2.1021 - Denial Of Service (DOS)
Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)
Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation
compop.ca 3.5.3 - Arbitrary code Execution
Usermin 2.100 - Username Enumeration
ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) - Authenticated Path Traversal
AnyDesk 9.0.1 - Unquoted Service Path
2025-04-18 00:16:31 +00:00
682b78fb31
Merge remote-tracking branch 'exploitdb/main'
2025-04-18 00:01:14 +00:00
Exploit-DB
7ebfc36557
DB: 2025-04-17
...
24 changes to exploits/shellcodes/ghdb
ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE)
Ruckus IoT Controller 1.7.1.0 - Undocumented Backdoor Account
Dell EMC iDRAC7/iDRAC8 2.52.52.52 - Remote Code Execution (RCE)
FLIR AX8 1.46.16 - Remote Command Injection
ABB Cylon Aspect 3.08.02 - Cross-Site Request Forgery (CSRF)
Ethercreative Logs 3.0.3 - Path Traversal
Garage Management System 1.0 (categoriesName) - Stored XSS
Nagios Log Server 2024R1.3.1 - Stored XSS
ProConf 6.0 - Insecure Direct Object Reference (IDOR)
Teedy 1.11 - Account Takeover via Stored Cross-Site Scripting (XSS)
WooCommerce Customers Manager 29.4 - Post-Authenticated SQL Injection
ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php) - File Write DoS
ABB Cylon Aspect 4.00.00 (factorySaved.php) - Unauthenticated XSS
ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution
Car Rental Project 1.0 - Remote Code Execution
KodExplorer 4.52 - Open Redirect
NagVis 1.9.33 - Arbitrary File Read
phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS)
phpMyFAQ 3.2.10 - Unintended File Download Triggered by Embedded Frames
Smart Manager 8.27.0 - Post-Authenticated SQL Injection
Zabbix 7.0.0 - SQL Injection
Hugging Face Transformers MobileViTV2 4.41.1 - Remote Code Execution (RCE)
Fortinet FortiOS_ FortiProxy_ and FortiSwitchManager 7.2.0 - Authentication bypass
WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page
2025-04-17 00:16:29 +00:00
4a70237d12
Merge remote-tracking branch 'exploitdb/main'
2025-04-17 00:01:19 +00:00
Exploit-DB
b905517ca9
DB: 2025-04-16
...
22 changes to exploits/shellcodes/ghdb
Spring Boot common-user-management 0.1 - Remote Code Execution (RCE)
ABB Cylon Aspect 3.07.02 (userManagement.php) - Weak Password Policy
ABB Cylon Aspect 3.08.02 (bbmdUpdate.php) - Remote Code Execution
ABB Cylon Aspect 3.08.02 (licenseServerUpdate.php) - Stored Cross-Site Scripting
ABB Cylon Aspect 3.08.02 (licenseUpload.php) - Stored Cross-Site Scripting
ABB Cylon Aspect 3.08.02 (uploadDb.php) - Remote Code Execution
ABB Cylon Aspect 3.08.02 - Cookie User Password Disclosure
ABB Cylon Aspect 3.08.03 (CookieDB) - SQL Injection
Ivanti Connect Secure 22.7R2.5 - Remote Code Execution (RCE)
ABB Cylon Aspect 3.08.03 (MapServicesHandler) - Authenticated Reflected XSS
ABB Cylon Aspect 3.08.03 - Hard-coded Secrets
Adapt Authoring Tool 0.11.3 - Remote Command Execution (RCE)
IBMi Navigator 7.5 - HTTP Security Token Bypass
IBMi Navigator 7.5 - Server Side Request Forgery (SSRF)
Plane 0.23.1 - Server side request forgery (SSRF)
ABB Cylon Aspect 3.08.02 (escDevicesUpdate.php) - Denial of Service (DOS)
ABB Cylon Aspect 3.08.02 (webServerUpdate.php) - Input Validation Config Poisoning
Cacti 1.2.26 - Remote Code Execution (RCE) (Authenticated)
OpenCMS 17.0 - Stored Cross Site Scripting (XSS)
Really Simple Security 9.1.1.1 - Authentication Bypass
Pymatgen 2024.1 - Remote Code Execution (RCE)
2025-04-16 00:16:24 +00:00
3695da6995
Merge remote-tracking branch 'exploitdb/main'
2025-04-16 00:01:37 +00:00
Exploit-DB
0f3d104e83
DB: 2025-04-15
...
15 changes to exploits/shellcodes/ghdb
ZTE ZXHN H168N 3.1 - Remote Code Execution (RCE) via authentication bypass
GestioIP 3.5.7 - Cross-Site Request Forgery (CSRF)
GestioIP 3.5.7 - Cross-Site Scripting (XSS)
GestioIP 3.5.7 - Reflected Cross-Site Scripting (Reflected XSS)
GestioIP 3.5.7 - Remote Command Execution (RCE)
GestioIP 3.5.7 - Stored Cross-Site Scripting (Stored XSS)
OpenPanel 0.3.4 - Directory Traversal
OpenPanel 0.3.4 - Incorrect Access Control
OpenPanel 0.3.4 - OS Command Injection
OpenPanel Copy and View functions in the File Manager 0.3.4 - Directory Traversal
Pimcore 11.4.2 - Stored cross site scripting
Pimcore customer-data-framework 4.2.0 - SQL injection
SilverStripe 5.3.8 - Stored Cross Site Scripting (XSS) (Authenticated)
Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection
2025-04-15 00:16:26 +00:00
f2ad90c38c
Merge remote-tracking branch 'exploitdb/main'
2025-04-15 00:01:40 +00:00
Exploit-DB
60175c9963
DB: 2025-04-14
...
52 changes to exploits/shellcodes/ghdb
Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection
Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS)
Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6 - SQL Injection
Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection
Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS)
Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6 - SQL Injection
Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)
DataEase 2.4.0 - Database Configuration Information Exposure
Cosy+ firmware 21.2s7 - Command Injection
Angular-Base64-Upload Library 0.1.20 - Remote Code Execution (RCE)
K7 Ultimate Security K7RKScan.sys 17.0.2019 - Denial Of Service (DoS)
ABB Cylon Aspect 3.07.02 - File Disclosure (Authenticated)
ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)
ABB Cylon Aspect 3.07.02 - File Disclosure
ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)
Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover
CyberPanel 2.3.6 - Remote Code Execution (RCE)
IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow
Intelight X-1L Traffic controller Maxtime 1.9.6 - Remote Code Execution (RCE)
KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)
MagnusSolution magnusbilling 7.3.0 - Command Injection
Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover
Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass
Sonatype Nexus Repository 3.53.0-01 - Path Traversal
Watcharr 1.43.0 - Remote Code Execution (RCE)
Webmin Usermin 2.100 - Username Enumeration
ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials
ABB Cylon Aspect 3.08.01 - Arbitrary File Delete
ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials
ABB Cylon Aspect 3.08.01 - Arbitrary File Delete
AquilaCMS 1.409.20 - Remote Command Execution (RCE)
Artica Proxy 4.50 - Remote Code Execution (RCE)
Centron 19.04 - Remote Code Execution (RCE)
ChurchCRM 5.9.1 - SQL Injection
CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting (XSS)
CodeCanyon RISE CRM 3.7.0 - SQL Injection
Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS
Feng Office 3.11.1.2 - SQL Injection
flatCore 1.5 - Cross Site Request Forgery (CSRF)
flatCore 1.5.5 - Arbitrary File Upload
flatCore 1.5 - Cross Site Request Forgery (CSRF)
flatCore 1.5.5 - Arbitrary File Upload
GetSimpleCMS 3.3.16 - Remote Code Execution (RCE)
Gnuboard5 5.3.2.8 - SQL Injection
LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection
Litespeed Cache 6.5.0.1 - Authentication Bypass
MiniCMS 1.1 - Cross Site Scripting (XSS)
MoziloCMS 3.0 - Remote Code Execution (RCE)
NEWS-BUZZ News Management System 1.0 - SQL Injection
PandoraFMS 7.0NG.772 - SQL Injection
phpIPAM 1.6 - Reflected Cross Site Scripting (XSS)
PZ Frontend Manager WordPress Plugin 1.0.5 - Cross Site Request Forgery (CSRF)
ResidenceCMS 2.10.1 - Stored Cross-Site Scripting (XSS)
RosarioSIS 7.6 - SQL Injection
Roundcube Webmail 1.6.6 - Stored Cross Site Scripting (XSS)
Typecho 1.3.0 - Race Condition
Typecho 1.3.0 - Stored Cross-Site Scripting (XSS)
Typecho 1.3.0 - Race Condition
Typecho 1.3.0 - Stored Cross-Site Scripting (XSS)
X2CRM 8.5 - Stored Cross-Site Scripting (XSS)
Rejetto HTTP File Server 2.3m - Remote Code Execution (RCE)
Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure
2025-04-14 00:16:26 +00:00
e763a7dc0b
Merge remote-tracking branch 'exploitdb/main'
2025-04-13 00:01:53 +00:00
Exploit-DB
b165516b1b
DB: 2025-04-12
...
26 changes to exploits/shellcodes/ghdb
ABB Cylon Aspect 3.08.02 - PHP Session Fixation
ABB Cylon FLXeon 9.3.4 - Cross-Site Request Forgery
ABB Cylon FLXeon 9.3.4 - Default Credentials
ABB Cylon FLXeon 9.3.4 - Remote Code Execution (Authenticated)
ABB Cylon FLXeon 9.3.4 - Remote Code Execution (RCE)
ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure
ABB Cylon FLXeon 9.3.4 - WebSocket Command Spawning
Netman 204 - Remote command without authentication
qBittorrent 5.0.1 - MITM RCE
CMU CERT/CC VINCE 2.0.6 - Stored XSS
CyberPanel 2.3.6 - Remote Code Execution (RCE)
GeoVision GV-ASManager 6.1.0.0 - Broken Access Control
GeoVision GV-ASManager 6.1.1.0 - CSRF
MagnusSolution magnusbilling 7.3.0 - Command Injection
Nagios Log Server 2024R1.3.1 - API Key Exposure
WebFileSys 2.31.0 - Directory Path Traversal
flatCore 1.5 - Cross Site Request Forgery (CSRF)
GetSimpleCMS 3.3.16 - Remote Code Execution (RCE)
Gnuboard5 5.3.2.8 - SQL Injection
LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection
MiniCMS 1.1 - Cross Site Scripting (XSS)
NEWS-BUZZ News Management System 1.0 - SQL Injection
phpIPAM 1.6 - Reflected Cross Site Scripting (XSS)
RosarioSIS 7.6 - SQL Injection
Roundcube Webmail 1.6.6 - Stored Cross Site Scripting (XSS)
2025-04-12 00:16:31 +00:00
70472131cc
Merge remote-tracking branch 'exploitdb/main'
2025-04-12 00:01:16 +00:00
Exploit-DB
9d3e200bec
DB: 2025-04-11
...
12 changes to exploits/shellcodes/ghdb
Cosy+ firmware 21.2s7 - Command Injection
K7 Ultimate Security K7RKScan.sys 17.0.2019 - Denial Of Service (DoS)
Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover
AquilaCMS 1.409.20 - Remote Command Execution (RCE)
Centron 19.04 - Remote Code Execution (RCE)
CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting (XSS)
Feng Office 3.11.1.2 - SQL Injection
flatCore 1.5.5 - Arbitrary File Upload
PandoraFMS 7.0NG.772 - SQL Injection
Typecho 1.3.0 - Race Condition
Typecho 1.3.0 - Stored Cross-Site Scripting (XSS)
2025-04-11 00:17:01 +00:00
1dbb33ef37
Merge remote-tracking branch 'exploitdb/main'
2025-04-11 00:01:15 +00:00
Exploit-DB
762197db08
DB: 2025-04-10
...
10 changes to exploits/shellcodes/ghdb
Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)
Intelight X-1L Traffic controller Maxtime 1.9.6 - Remote Code Execution (RCE)
Zohocorp ManageEngine ADManager Plus 7210 - Elevation of Privilege
Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)
Artica Proxy 4.50 - Remote Code Execution (RCE)
ChurchCRM 5.9.1 - SQL Injection
PZ Frontend Manager WordPress Plugin 1.0.5 - Cross Site Request Forgery (CSRF)
ResidenceCMS 2.10.1 - Stored Cross-Site Scripting (XSS)
DocsGPT 0.12.0 - Remote Code Execution
2025-04-10 00:16:32 +00:00
6a8464a842
Merge remote-tracking branch 'exploitdb/main'
2025-04-10 00:01:14 +00:00
Exploit-DB
2bc15f74f8
DB: 2025-04-09
...
9 changes to exploits/shellcodes/ghdb
InfluxDB OSS 2.7.11 - Operator Token Privilege Escalation
Sony XAV-AX5500 1.13 - Firmware Update Validation Remote Code Execution (RCE)
GeoVision GV-ASManager 6.1.0.0 - Information Disclosure
Jasmin Ransomware - Arbitrary File Download (Authenticated)
jQuery 3.3.1 - Prototype Pollution & XSS Exploit
Nagios Xi 5.6.6 - Authenticated Remote Code Execution (RCE)
UNA CMS 14.0.0-RC - PHP Object Injection
WordPress User Registration & Membership Plugin 4.1.1 - Unauthenticated Privilege Escalation
2025-04-09 00:16:23 +00:00
3dd3814744
Merge remote-tracking branch 'exploitdb/main'
2025-04-09 00:01:14 +00:00
Exploit-DB
a8420434d2
DB: 2025-04-08
...
4 changes to exploits/shellcodes/ghdb
Apache Tomcat 11.0.3 - Remote Code Execution
XWiki Platform 15.10.10 - Remote Code Execution
YesWiki 4.5.1 - Unauthenticated Path Traversal
2025-04-08 00:16:25 +00:00
e89b67f424
Merge remote-tracking branch 'exploitdb/main'
2025-04-08 00:01:16 +00:00
Exploit-DB
881542919e
DB: 2025-04-07
...
7 changes to exploits/shellcodes/ghdb
DataEase 2.4.0 - Database Configuration Information Exposure
Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover
Watcharr 1.43.0 - Remote Code Execution (RCE)
WBCE CMS 1.6.3 - Authenticated Remote Code Execution (RCE)
Backup and Staging by WP Time Capsule 1.22.21 - Unauthenticated Arbitrary File Upload
Reservit Hotel 2.1 - Stored Cross-Site Scripting (XSS)
2025-04-07 00:16:26 +00:00
b779de90fb
Merge remote-tracking branch 'exploitdb/main'
2025-04-07 00:01:26 +00:00
Exploit-DB
2bd993a7c3
DB: 2025-04-06
...
7 changes to exploits/shellcodes/ghdb
Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6 - SQL Injection
Exclusive Addons for Elementor 2.6.9 - Stored Cross-Site Scripting (XSS)
IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow
Kubio AI Page Builder 2.5.1 - Local File Inclusion (LFI)
Next.js Middleware 15.2.2 - Authorization Bypass
Royal Elementor Addons and Templates 1.3.78 - Unauthenticated Arbitrary File Upload
Apache mod_proxy_cluster - Stored XSS
Apache mod_proxy_cluster 1.2.6 - Stored XSS
2025-04-06 00:16:39 +00:00
c617f78321
Merge remote-tracking branch 'exploitdb/main'
2025-04-06 00:01:31 +00:00
